Skip to content
/ web-security Public

Exploring web security through XSS, CSRF, SQL injection, password breaking and database encryption using API method

License

MIT license
1 star 3 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

aravindvaddi/web-security

BranchesTags

Repository files navigation

Web Security

The following tasks were performed as part of an assignment for "Application Security" course at New York University

Auditing and test cases (Part 1)

  • Perform one attack that exploits a Cross-site scripting (XSS) vulnerability
  • Perform one attack that exploits a Cross-site request forgery (CSRF) vulnerability
  • Perform one attack that exploits an SQL injection vulnerability
  • Break a salted password using a dictionary and retrive the original password
  • Fix the vulnerabilities
  • Use Travis CI to perform regression tests
  • Write a bugs.txt explaining the bug code, payload used to exploit it and the fix.

Database encryption (Part 2)

  • Encrypt database models
  • Safe key management
  • A write up explaining the process

Please look at intructions for more details

About

Exploring web security through XSS, CSRF, SQL injection, password breaking and database encryption using API method

Topics

django travis-ci sqlite-database xss python3 sql-injection csrf web-security password-cracking database-encryption django-cryptographicfields

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

2 watching

Forks

3 forks
Report repository

Releases

2 tags

Packages

No packages published

Languages